COURSEINTRODUCTION

ArcSight is one of the most popular SIEM tools available in the market. Many organizations and MSSP (Managed Security Service Providers) are using ArcSight to identify and block attacks from intruders. The primary objective of any SIEM tool to collect logs from various security devices and then send those logs through manual or automated co-relation engineers which will, in turn, provide alerts to SOC engineers. Security professionals are then required to find out the origin of attack while also protecting their critical infrastructure. It is well known in security circles that almost all attacks take months to identify and then remediate. A good SOC engineer will make sure the co-relation rules are maintained properly by reducing the false positive alerts and focusing on the areas where attention is required.

Program Benefits Description

This course will teach you how to become a smart SOC engineer. By the end of this course, you will know how to identify the critical resources in the organization and write good co-relations rules to protect IT Infrastructure.

What'll you Learn?

Introduction to ArcSight ESM

ArcSight Event Schema and Lifecycle

ESM Installation and Configuration

ESM Console

ArcSight Command Center

ArcSight Web Interface

Active Channels, Filters and Field Sets

Rules and Lists

Dashboards and Data Monitors

Query Viewers

ESM Reports

Workflow Cases

User Administration

User Notifications

Use Case Resources

ArcSight Content Management

Event Search

HP ArcSight Support Resources

Course Pricing Description

To know more about the Program Pricing, just fill the form. One of our representatives will get back to you with the requested information.